Export limit exceeded: 46490 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46490 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-2932 1 Redhat 1 Adminutil 2026-04-23 N/A
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-2929.
CVE-2008-2935 2 Redhat, Xmlsoft 2 Enterprise Linux, Libxslt 2026-04-23 N/A
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input."
CVE-2008-2959 1 Microsoft 1 Visual Basic Enterprise Edition 2026-04-23 N/A
Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function.
CVE-2008-3008 1 Microsoft 5 Windows-nt, Windows 2000, Windows 2003 Server and 2 more 2026-04-23 N/A
Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."
CVE-2008-3012 1 Microsoft 16 Digital Image Suite, Forefront Client Security, Internet Explorer and 13 more 2026-04-23 N/A
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka "GDI+ EMF Memory Corruption Vulnerability."
CVE-2008-3014 1 Microsoft 14 Digital Image Suite, Forefront Client Security, Internet Explorer and 11 more 2026-04-23 N/A
Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka "GDI+ WMF Buffer Overrun Vulnerability."
CVE-2008-3015 1 Microsoft 9 Digital Image Suite, Forefront Client Security, Office and 6 more 2026-04-23 N/A
Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP Integer Overflow Vulnerability."
CVE-2008-3066 1 Realnetworks 1 Realplayer 2026-04-23 N/A
Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media library and then deleting this file.
CVE-2008-3072 1 Simple Machines 1 Simple Machines Forum 2026-04-23 N/A
Simple Machines Forum (SMF) 1.1.x before 1.1.5 and 1.0.x before 1.0.13, when running in PHP before 4.2.0, does not properly seed the random number generator, which has unknown impact and attack vectors.
CVE-2008-3108 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Buffer overflow in Sun Java Runtime Environment (JRE) in JDK and JRE 5.0 before Update 10, SDK and JRE 1.4.x before 1.4.2_18, and SDK and JRE 1.3.x before 1.3.1_23 allows context-dependent attackers to gain privileges via unspecified vectors related to font processing.
CVE-2008-3111 2 Redhat, Sun 5 Network Satellite, Rhel Extras, Jdk and 2 more 2026-04-23 N/A
Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrated by (a) an application that grants itself privileges to (1) read local files, (2) write to local files, or (3) execute local programs; and as demonstrated by (b) a long value associated with a java-vm-args attribute in a j2se tag in a JNLP file, which triggers a stack-based buffer overflow in the GetVMArgsOption function; aka CR 6557220.
CVE-2008-3115 1 Sun 2 Jdk, Jre 2026-04-23 N/A
Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases.
CVE-2008-3116 1 Hanghai 3 5th Street, High Street 5, Hot Step 2026-04-23 N/A
Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou Snail Electronic Company) 5th street (aka Hot Step or High Street 5) allows remote attackers to execute arbitrary code via format string specifiers in a chat message.
CVE-2008-3126 1 Fujitsu 1 Serverview 2026-04-23 N/A
Multiple stack-based buffer overflows in the ServerView web interface (SnmpGetMibValues.exe) in Fujitsu Siemens Computers ServerView 04.60.07 and earlier allow remote authenticated users to execute arbitrary code via a crafted URL.
CVE-2008-3135 1 Secretwars 1 Soldner Secret Wars 2026-04-23 N/A
Soldner Secret Wars 33724 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a large numeric value in a 0x80 data block.
CVE-2008-3142 4 Canonical, Debian, Python and 1 more 4 Ubuntu Linux, Debian Linux, Python and 1 more 2026-04-23 N/A
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro.
CVE-2008-3143 2 Python, Redhat 2 Python, Enterprise Linux 2026-04-23 N/A
Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9) cjkcodecs/multibytecodec.c, (10) datetimemodule.c, (11) md5.c, (12) rgbimgmodule.c, and (13) stropmodule.c in Modules/; (14) bufferobject.c, (15) listobject.c, and (16) obmalloc.c in Objects/; (17) Parser/node.c; and (18) asdl.c, (19) ast.c, (20) bltinmodule.c, and (21) compile.c in Python/, as addressed by "checks for integer overflows, contributed by Google."
CVE-2008-3144 2 Python, Redhat 2 Python, Enterprise Linux 2026-04-23 N/A
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error.
CVE-2008-3146 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2026-04-23 N/A
Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.
CVE-2008-3148 2 Mackt, Ollydbg 2 Imprec, Ollydbg 2026-04-23 N/A
Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f allows user-assisted attackers to execute arbitrary code via a crafted DLL file that contains a long string.